Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dOW7m208x_jCmoO9yEkrllnw7hc.cer
File:                     dOW7m208x_jCmoO9yEkrllnw7hc.cer (raw, json)
Hash identifier:          /uXxzw3gXyVbEFiWXPVpTeXBd3UXWD5hYo/vRDMZGHE=
Subject key identifier:   74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       4F06
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 30 Nov 2023 19:37:19 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    IP: 47.8.0.0/15
                          IP: 47.11.0.0/16
                          IP: 47.15.0.0/16
                          IP: 47.29.0.0 -- 47.31.255.255
                          IP: 47.247.0.0/16
                          IP: 130.26.0.0/16
                          IP: 132.154.0.0/16
                          IP: 136.232.0.0/15
                          IP: 137.97.0.0/16
                          IP: 139.167.0.0/16
                          IP: 152.56.0.0/14
                          IP: 157.32.0.0 -- 157.51.255.255
                          IP: 169.149.0.0/16
                          IP: 205.253.0.0/16

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 15:53:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20230 (0x4f06)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Nov 30 19:37:19 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91620E0/serialNumber=74E5BB9B6D3CC7F8C29A83BDC8492B9659F0EE17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:5e:6b:9c:d4:c7:61:15:fe:70:01:0a:ca:e2:
                    0b:05:dc:7a:84:01:33:d7:60:70:e1:23:29:0f:fb:
                    6e:d3:7c:d6:9f:ff:dd:64:92:52:11:7e:ae:6b:e1:
                    3f:5d:70:f9:3a:fb:85:60:8a:52:84:f1:ce:db:d9:
                    43:e7:bc:99:5d:16:98:1f:5e:5e:36:d3:23:fe:37:
                    fd:e7:76:d1:14:95:ca:87:eb:45:34:0d:3f:80:9a:
                    ce:32:8d:23:49:2e:ea:8e:7d:56:52:7b:30:dd:a9:
                    fa:4a:21:1d:5f:65:00:a7:c6:14:11:16:29:d7:f4:
                    50:eb:83:0a:0f:e4:d7:e5:a1:72:00:5b:f9:16:5f:
                    e7:f7:34:ce:23:5c:72:42:66:ae:60:be:0e:2f:34:
                    b3:f3:5d:20:47:95:2d:6f:7c:e5:0a:e1:c8:15:32:
                    17:5d:5e:5b:a0:cb:91:28:d6:62:d5:40:c8:6a:fd:
                    dd:27:4d:db:36:5c:09:08:87:b3:70:48:e7:cc:0a:
                    63:d1:86:d1:56:14:a1:0b:fa:5a:83:b7:87:8b:ff:
                    28:3d:68:1b:e5:8a:9b:69:e0:dc:71:49:d7:29:0d:
                    6c:db:95:40:3c:cc:2e:5d:b5:a1:99:b5:56:37:d5:
                    dc:7d:e4:31:34:af:ea:f5:50:46:25:69:04:d2:3b:
                    39:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:E5:BB:9B:6D:3C:C7:F8:C2:9A:83:BD:C8:49:2B:96:59:F0:EE:17
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91620E0/D964B482310E11EA9C3CE72FC4F9AE02/dOW7m208x_jCmoO9yEkrllnw7hc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  47.8.0.0/15
                  47.11.0.0/16
                  47.15.0.0/16
                  47.29.0.0-47.31.255.255
                  47.247.0.0/16
                  130.26.0.0/16
                  132.154.0.0/16
                  136.232.0.0/15
                  137.97.0.0/16
                  139.167.0.0/16
                  152.56.0.0/14
                  157.32.0.0-157.51.255.255
                  169.149.0.0/16
                  205.253.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         7a:05:52:d8:a0:b2:0a:60:91:1c:e6:12:d7:62:e0:91:9d:3d:
         f2:80:21:b8:53:50:90:e2:14:5f:b5:8b:1c:d0:2e:d4:25:8a:
         bc:78:f3:9a:56:d2:90:05:39:b2:2d:fa:ad:ef:b6:cd:bd:e6:
         ab:92:d4:63:fb:d0:1b:5f:3c:a0:5a:42:29:c5:04:a9:44:9d:
         f6:62:05:36:03:d1:19:63:ef:cd:98:40:07:b0:f8:ce:a7:4d:
         d8:53:95:65:16:94:11:65:53:56:08:42:4b:45:74:ee:2b:ed:
         b9:38:68:a5:21:73:7d:e5:90:ea:b4:c5:c5:cb:f5:3f:46:5a:
         65:00:c6:03:be:92:30:86:9f:98:09:aa:47:2a:4d:34:e4:4d:
         dd:28:ac:7a:08:64:f8:c1:f9:1a:a5:3a:86:c8:92:df:98:50:
         15:4e:52:a3:1d:14:1b:b1:2b:34:4d:bc:f8:cc:3f:97:96:38:
         6b:4d:c6:08:e8:5d:20:7c:38:49:9d:99:a0:42:65:0b:31:ac:
         8a:3e:e2:2a:cb:ad:7c:9c:3a:5b:f9:8b:29:81:c5:1c:14:ae:
         b8:0b:91:f4:0c:2b:da:87:05:9a:1e:c4:7d:48:b1:08:e9:48:
         00:5e:a6:cd:da:0a:26:59:65:28:3b:27:15:08:64:f4:9c:7e:
         6c:8f:75:78
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgICTwYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMxMTMwMTkzNzE5WhcNMjUwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE2MjBFMDExMC8GA1UEBRMoNzRFNUJCOUI2RDNDQzdGOEMyOUE4M0JE
Qzg0OTJCOTY1OUYwRUUxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOZea5zUx2EV/nABCsriCwXceoQBM9dgcOEjKQ/7btN81p//3WSSUhF+rmvhP11w
+Tr7hWCKUoTxztvZQ+e8mV0WmB9eXjbTI/43/ed20RSVyofrRTQNP4CazjKNI0ku
6o59VlJ7MN2p+kohHV9lAKfGFBEWKdf0UOuDCg/k1+WhcgBb+RZf5/c0ziNcckJm
rmC+Di80s/NdIEeVLW985QrhyBUyF11eW6DLkSjWYtVAyGr93SdN2zZcCQiHs3BI
58wKY9GG0VYUoQv6WoO3h4v/KD1oG+WKm2ng3HFJ1ykNbNuVQDzMLl21oZm1VjfV
3H3kMTSv6vVQRiVpBNI7OUkCAwEAAaOCA0EwggM9MB0GA1UdDgQWBBR05bubbTzH
+MKag73ISSuWWfDuFzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjIwRTAvRDk2NEI0ODIzMTBFMTFFQTlDM0NFNzJGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTYyMEUwL0Q5NjRCNDgyMzEwRTExRUE5QzNDRTcyRkM0RjlBRTAyL2RPVzdtMjA4
eF9qQ21vTzl5RWtybGxudzdoYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBtBggrBgEFBQcBBwEB/wReMFww
WgQCAAEwVAMDAS8IAwMALwsDAwAvDzAKAwMALx0DAwUvAAMDAC/3AwMAghoDAwCE
mgMDAYjoAwMAiWEDAwCLpwMDApg4MAoDAwWdIAMDAp0wAwMAqZUDAwDN/TANBgkq
hkiG9w0BAQsFAAOCAQEAegVS2KCyCmCRHOYS12LgkZ098oAhuFNQkOIUX7WLHNAu
1CWKvHjzmlbSkAU5si36re+2zb3mq5LUY/vQG188oFpCKcUEqUSd9mIFNgPRGWPv
zZhAB7D4zqdN2FOVZRaUEWVTVghCS0V07ivtuThopSFzfeWQ6rTFxcv1P0ZaZQDG
A76SMIafmAmqRypNNORN3Siseghk+MH5GqU6hsiS35hQFU5Sox0UG7ErNE28+Mw/
l5Y4a03GCOhdIHw4SZ2ZoEJlCzGsij7iKsutfJw6W/mLKYHFHBSuuAuR9Awr2ocF
mh7EfUixCOlIAF6mzdoKJlllKDsnFQhk9Jx+bI91eA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:54:46 2024 by rpki-client on console-ams.rpki-client.org